Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data
Recent years have seen the rise of more sophisticated attacks including
advanced persistent threats (APTs) which pose severe risks to organizations and
governments by targeting confidential proprietary information. Additionally,
new malware strains are appearing at a higher rate than ever before. Since many
of these malware strains are designed to evade existing security products, traditional
defenses deployed by most enterprises today, e.g., anti-virus, firewalls,
intrusion detection systems, often fail at detecting infections at an early
stage.
We address the problem of detecting early-stage infection in an enterprise
setting by proposing a new framework based on belief propagation inspired by
graph theory. Belief propagation can be used either with "seeds" of compromised
hosts or malicious domains (provided by the enterprise security operation
center -- SOC) or without any seeds. In the latter case we develop a detector
of C&C communication particularly tailored to enterprises which can detect a
stealthy compromise of only a single host communicating with the C&C server.
We demonstrate that our techniques perform well on detecting enterprise
infections. We achieve high accuracy with low false detection and false
negative rates on two months of anonymized DNS logs released by Los Alamos
National Lab (LANL), which include APT infection attacks simulated by LANL
domain experts. We also apply our algorithms to 38TB of real-world web proxy
logs collected at the border of a large enterprise. Through careful manual
investigation in collaboration with the enterprise SOC, we show that our
techniques identified hundreds of malicious domains overlooked by
state-of-the-art security products.
Revisiting electroweak phase transition in the standard model with a real singlet scalar
We revisit the electroweak phase transition in the standard model with a real
scalar, utilizing several calculation methods to investigate scheme
dependences. We quantify the numerical impacts of Nambu-Goldstone resummation,
required in one of the schemes, on the strength of the first-order electroweak
phase transition. We also employ a gauge-independent scheme to make a
comparison with the standard gauge-dependent results. It is found that the
effect of the Nambu-Goldstone resummation is typically . Our analysis
shows that both gauge-dependent and -independent methods give qualitatively the
same result within theoretical uncertainties. In either method, the scale
uncertainties in the ratio of critical temperature and the corresponding Higgs
vacuum expectation value are more than 10%, which signifies the importance of
higher-order corrections.
Comment: 15 pages, 2 figures; v2: some clarifications and references added,
version to appear in PL
Controlled Heterogeneous Nucleation and Growth of Germanium Quantum Dots on Nanopatterned Silicon Dioxide and Silicon Nitride Substrates
Controlled heterogeneous nucleation and growth of Ge quantum dots (QDs) are demonstrated on SiO_2/Si_3N_4 substrates by means of a novel fabrication process of thermally oxidizing nanopatterned SiGe layers. The otherwise random self-assembly process for QDs is shown to be strongly influenced by the nanopatterning in determining both the location and size of the QDs. Ostwald ripening processes are observed under further annealing at the oxidation temperature. Both nanopattern oxidation and Ostwald ripening offer additional mechanisms for lithography for controlling the size and placement of the QDs.
Escalation of Commitment in Software Projects: An Examination of Two Theories
Escalation of commitment is common in many software projects. It stands for the situation where managers decide to continue investing in or supporting a prior decision despite new evidence suggesting the original outcome expectation will be missed. Escalation of commitment is generally considered to be irrational. Past literature has proposed several theories to explain the behaviour. Two commonly used interpretations are self-justification and the framing effect. While both theories have been found effective in causing the escalation of commitment, their relative effect is less studied. The purpose of this study is to further investigate the primary factor that causes the escalation of commitment in software project related decisions. An experiment was designed to examine whether the escalation of commitment exists in different decision contingencies and which theories play a more important role in the escalation. One hundred and sixty two subjects participated in the experiment. The results indicate that both self-justification and problem framing have effects on commitment escalation in software projects but the effect of self-justification is stronger. Significant interaction effect is also found. A commitment is more likely to escalate if the problem is framed positively.
Motor Overflow and Spasticity in Chronic Stroke Share a Common Pathophysiological Process: Analysis of Within-Limb and Between-Limb EMG-EMG Coherence
The phenomenon of exaggerated motor overflow is well documented in stroke survivors with spasticity. However, the mechanism underlying the abnormal motor overflow remains unclear. In this study, we aimed to investigate the possible mechanisms behind abnormal motor overflow and its possible relations with post-stroke spasticity. 11 stroke patients (63.6 ± 6.4 yrs; 4 women) and 11 healthy subjects (31.18 ± 6.18 yrs; 2 women) were recruited. All of them were asked to perform unilateral isometric elbow flexion at submaximal levels (10, 30, and 60% of maximum voluntary contraction). Electromyogram (EMG) was measured from the contracting biceps (iBiceps) muscle and resting contralateral biceps (cBiceps), ipsilateral flexor digitorum superficialis (iFDS), and contralateral FDS (cFDS) muscles. Motor overflow was quantified as the normalized EMG of the resting muscles. The severity of motor impairment was quantified through reflex torque (spasticity) and weakness. EMG-EMG coherence was calculated between the contracting muscle and each of the resting muscles. During elbow flexion on the impaired side, stroke subjects exhibited significantly higher motor overflow to the iFDS muscle compared with healthy subjects (ipsilateral or intralimb motor overflow). Stroke subjects exhibited significantly higher motor overflow to the contralateral spastic muscles (cBiceps and cFDS) during elbow flexion on the non-impaired side (contralateral or interlimb motor overflow), compared with healthy subjects. Moreover, there was significantly high EMG-EMG coherence in the alpha band (6–12 Hz) between the contracting muscle and all other resting muscles during elbow flexion on the non-impaired side. Our results of diffuse ipsilateral and contralateral motor overflow with EMG-EMG coherence in the alpha band suggest subcortical origins of motor overflow.
Furthermore, correlation between contralateral motor overflow to contralateral spastic elbow and finger flexors and their spasticity was consistently at moderate to high levels. A high correlation suggests that diffuse motor overflow to the impaired side and spasticity likely share a common pathophysiological process. Possible mechanisms are discussed.